Combined multiple-application alert system and method

ABSTRACT

A system, method and computer program product are provided for combined alerting. Initially, an event is identified. First information relating to a first response to the event associated with a first application is received. Further received is second information relating to a second response to the event associated with a second application. In response thereto, a single alert is displayed including the first information and the second information.

FIELD OF THE INVENTION

The present invention relates to application alerting, and moreparticularly to alerting users of various computing environmentsituations.

BACKGROUND OF THE INVENTION

Security threats have evolved significantly over the past years.Advanced hybrid threats, have been designed to attack systems onmultiple fronts, sometimes searching for vulnerabilities until one isfound. New threats also attempt to attack security technology itself.

Traditional consumer security software suites often included a pluralityof various applications such as an anti-virus application, a firewallapplication, anti-spam applications, content filtering application, etc.Such applications existed in such software suites as a simple bundle. Inother words, each product secured its own domain in a vacuum. As such,various security events were acted upon separately by each of theapplications.

One of the actions taken by the aforementioned applications includes analert. Prior Art FIG. 1 illustrates one exemplary prior art system 10where a plurality of applications separately generate a plurality ofseparate alerts. As shown, a first application 12 and a secondapplication 14 are included in an application suite 16. In such priorart system 10, the first application 12 is capable of generating a firstalert 13, while the second application 14 is capable of generating asecond alert 15, as so on.

As is readily apparent, such separate alerting can be quite cumbersome,inefficient, and even bothersome to a user. This is especially the casewhere each application generates a separate alert for a single event;and further in an environment where a large number of applicationsexist.

There is thus a need for a more effective alerting technique in anenvironment including a plurality of applications.

DISCLOSURE OF THE INVENTION

A system, method and computer program product are provided for combinedalerting. Initially, an event is identified. First information relatingto a first response to the event associated with a first application isreceived. Further received is second information relating to a secondresponse to the event associated with a second application. In responsethereto, a single alert is displayed including the first information andthe second information.

In one embodiment, the single alert may include a description of theevent. The first information may identify a proposed user actionrelating to the first application based on the event. Similar, thesecond information may identify a proposed user action relating to thesecond application based on the event. Moreover, the foregoinginformation may relate to any automatic responses to the event by theapplications.

In another embodiment, components of the first information and thesecond information may be ranked. In such embodiment, the components ofthe first information and the second information may be conditionallyincluded in the single alert based on the ranking or, in other words,priority.

In still another embodiment, the single alert may include a windowautomatically displayed on a front most window of a user interface.Further, the single alert may include a textual description of the firstinformation and the second information.

As an option, the event May include a security event. Still yet, thefirst application and the second application may include applicationssuch as an anti-virus application, a firewall application, a contentfiltering application, an anti-spam application, and/or a utilitiesapplication.

In still yet another embodiment, the receiving and displaying operationsmay be carried out utilizing an interface. Such interface may include anapplication program interface. Still yet, the interface may furtherinclude a graphical user interface for allowing access to the firstapplication and the second application, and/or provide a status for thesame.

Thus, a single alert object is provided including a first portionreflecting a first response to an event associated with a firstapplication. Associated therewith is a second portion displayedsimultaneously with the first portion for reflecting a second responseto the event associated with a second application.

Another system, method and computer program product are provided forcombined alerting. Initially, an event is identified after which firstinformation and second information are received, similar to above. Inthe present embodiment, however, the first information corresponds to afirst proposed user action in response to the event associated with afirst application, and the second information corresponds to a secondproposed user action in response to the event associated with a secondapplication. To this end, a single alert is displayed including thefirst information and the second information.

As an option, the single alert may include a plurality of selectionicons capable of being selected by a user for executing at least one ofthe first proposed user action and the second proposed user action. Suchselection icons may include links. Moreover, the selection icons mayinclude hyperlinks.

BRIEF DESCRIPTION OF THE DRAWINGS

Prior Art FIG. 1 illustrates one exemplary prior art system.

FIG. 1A illustrates a network architecture, in accordance with oneembodiment.

FIG. 2 shows a representative hardware environment that may beassociated with the data server computers and/or end user computers ofFIG. 1A, in accordance with one embodiment.

FIG. 3 illustrates a system adapted for interfacing a plurality ofapplications, in accordance with one embodiment.

FIG. 3A shows an exemplary graphical user interface associated with theinterface of FIG. 3.

FIG. 4 illustrates a plurality of libraries adapted for facilitating theinterfacing of a plurality of applications, in accordance with oneembodiment.

FIG. 5 illustrates a method for interfacing a plurality of applications,in accordance with one embodiment.

FIG. 6 illustrates an exemplary manner in which production andconsumption events are correlated according to the method of FIG. 5 andin the context of the libraries of FIG. 4.

FIG. 7 illustrates an exemplary alert that may be generated according tothe method of FIG. 5 and in the context of the libraries and correlationof FIGS. 4 and 6, respectively.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

FIG. 1A illustrates a network architecture 100, in accordance with oneembodiment. As shown, a plurality of networks 102 is provided. In thecontext of the present network architecture 100, the networks 102 mayeach take any form including, but not limited to a local area network(LAN), a wide area network (WAN) such as the Internet, etc.

Coupled to the networks 102 are data server computers 104 which arecapable of communicating over the networks 102. Also coupled to thenetworks 102 and the data server computers 104 is a plurality of enduser computers 106. In order to facilitate communication among thenetworks 102, at least one gateway or router 108 is optionally coupledtherebetween. It should be noted that each of the foregoing networkdevices as well as any other unillustrated devices may be interconnectedby way of a plurality of network segments.

FIG. 2 shows a representative hardware environment that may beassociated with the data server computers 104 and/or end user computers106 of FIG. 1A, in accordance with one embodiment. Such figureillustrates a typical hardware configuration of a workstation inaccordance with a preferred embodiment having a central processing unit210, such as a microprocessor, and a number of other unitsinterconnected via a system bus 212.

The workstation shown in FIG. 2 includes a Random Access Memory (RAM)214, Read Only Memory (ROM) 216, an I/O adapter 218 for connectingperipheral devices such as disk storage units 220 to the bus 212, a userinterface adapter 222 for connecting a keyboard 224, a mouse 226, aspeaker 228, a microphone 232, and/or other user interface devices suchas a touch screen (not shown) to the bus 212, communication adapter 234for connecting the workstation to a communication network 235 (e.g., adata processing network) and a display adapter 236 for connecting thebus 212 to a display device 238.

The workstation may have resident thereon an operating system such asthe Microsoft Windows NT or Windows/95 Operating System (OS), the IBMOS/2 operating system, the MAC OS, or UNIX operating system. It will beappreciated that a preferred embodiment may also be implemented onplatforms and operating systems other than those mentioned. A preferredembodiment may be written using JAVA, C, and/or C++ language, or otherprogramming languages, along with an object oriented programmingmethodology. Object oriented programming (OOP) has become increasinglyused to develop complex applications.

Our course, the various embodiments set forth herein may be implementedutilizing hardware, software, or any desired combination thereof. Forthat matter, any type of logic may be utilized which is capable ofimplementing the various functionality set forth herein.

FIG. 3 illustrates a system 300 adapted for interfacing a plurality ofapplications, in accordance with one embodiment. As an option, thepresent system 300 may be implemented in the context of the architectureof FIGS. 1 and 2. Of course, the system 300 may be implemented in anydesired context.

As shown, included is a plurality of applications 301. In the context ofthe present description, such applications 301 may include any type ofapplication program or computer code. For example, the applications 301may optionally be security related. Of course, the applications 301 maybe related to any other aspects such as business, maintenance,entertainment, etc.

In the security context, the applications 301 may include an anti-virusapplication 302, a firewall application 304, a content filteringapplication 308, an anti-spam application 306, and/or any other relatedapplication 310 (i.e. a utilities application, etc.).

In use, the anti-virus application 302 may be capable of scanning forviruses or other malicious code by comparing virus signature files withdata located in memory or being transmitted via a network; and takingany appropriate response (i.e. quarantine data, delete data, clean data,alert user, etc.). Moreover, the firewall application 304 may be capableof blocking or alerting a user of accesses to a computer or networkbased on a predetermined set of rules or policies.

Still yet, the content filtering application 308 may be capable ofprotecting personal information on a computer and preventing the samefrom being shared. Still yet, the content filtering application 308 maybe capable of preventing certain users from accessing predeterminedcontent on a network such as the Internet. Moreover, the anti-spamapplication 306 may be capable of filtering electronic mail messagesbased on a predetermined rule set to prevent the receipt (or delivery)of unwanted e-mail.

It should be noted that each of the applications may be capable ofreporting information back to the interface. For example, the firewallapplication may report hacker attacks in the form of a consumptionevent. In a similar manner, the anti-spam application may be able toreport spam, viruses, etc.

As mentioned earlier, any other related application 310 may be includedin the group of applications 301. For example, a utilities applicationmay be included for executing various maintenance tasks associated witha computer (i.e. cleaning files, optimizing memory, etc.).

Further provided in combination with the applications 301 of the system300 is an interface 312. In use, such interface 312 may include anyspecific method, technique or protocol by which an application programcan communicate with an operating system or another application. In oneembodiment, such interface 312 may include an application programinterface.

In use, the interface 312 is capable of receiving a signal that an eventhas been detected or responded to by a first one of the applications301. Thereafter, a second one of the applications 301 is prompted torespond to the event utilizing the interface 312.

As an option, the interface 312 may further include a graphical userinterface for allowing access to the various applications 301. Suchgraphical user interface may further be used for indicating a status ofthe different applications 301.

It should be noted that the foregoing technique may be accomplished inany desired manner. Additional information regarding specific optionalfeatures will be set forth in greater detail during reference to thefollowing figures.

FIG. 3A illustrates an exemplary graphical user interface 350 associatedwith the interface 312 of FIG. 3. To allow access to each of theapplications via the single graphical user interface 350, the graphicaluser interface 350 may include a home page 362 and a plurality ofselection icons 364 for allowing access to a plurality of windows (notshown) associated with each of the applications. Optionally, suchwindows may each include access to functionality associated with thecorresponding one of the related applications.

In use, the home page 362 may be adapted for displaying a visualindication as to the status of each of the applications, along withvarious other information. For example, a security index 366 may beprovided for indicating a level of risk associated with various aspects(i.e. security aspects) of a computer or networking environment. Furtherincluded is general information and alerts displayed in separate frames368. As will soon become apparent, such alerts may be pushed from aserver and further provide various options to a user. Still yet, thehome page 362 may include an update icon 370, additional informationicon 372, a support icon 374, and a help icon 376.

To convey the status of each of the applications, the home page 362 ofthe single graphical user interface 350 may include a list 337 of aplurality of applications 354. Still yet, the single graphical userinterface 350 may include a plurality of status indicators 356 adjacentto each of the applications 354 in the list 337.

Each status indicator 356 may indicate whether the corresponding theapplication is installed. Moreover, each status indicator 356 mayindicate whether the corresponding the application is enabled. Stillyet, each status indicator 356 may indicate whether a subscriptionassociated with the corresponding the application is expired. While thisis shown to be accomplished using text, it should be noted that suchstatus may be conveyed in any desired manner.

As an option, each status indicator 356 may be color coded. For example,an icon may be included as a status indicator 356, as shown. In use,such icon may exhibit a red color to reflect the fact that anapplication is not installed, disabled or expired; and a green color mayindicate that the application is installed and running.

Of course, the status indicator 356 may include any combination oftextual, graphic, numeric visuals that indicates a status of theapplications 354. Moreover, such status may include installed, notinstalled, expired, enabled, disabled, or any other conceivable state ofthe applications.

FIG. 4 illustrates a plurality of libraries 400 adapted for facilitatingthe interfacing of a plurality of applications, in accordance with oneembodiment. As an option, the libraries 400 may be implemented in thecontext of the system 300 of FIG. 3. Of course, the libraries 400 may beimplemented in any desired context.

As shown, each of a plurality of applications may have a libraryassociated therewith. In the context of FIG. 4, such libraries mayinclude an anti-virus application library 402 associated with ananti-virus application such as that of FIG. 3, a firewall applicationlibrary 404 associated with a firewall application such as that of FIG.3, a content filtering application library 408 associated with a contentfiltering application such as that of FIG. 3, and an anti-spamapplication library 406 associated with an anti-spam application such asthat of FIG. 3.

In particular, each of the libraries 400 may include a list ofproduction events 410 and a plurality of consumption events 412. Theproduction events 410 may include any responses generated by theapplication associated with the particular library. Still yet, theconsumption events 412 may include any responses which the applicationis capable of receiving from other applications, and respondingaccordingly. It should be noted that the specific production events 410and consumption events 412 listed in FIG. 4 are set forth forillustrative purposes only, and should not be construed as limiting inany manner.

In use, each of the libraries 400 may, in one embodiment, be installedon a computer in conjunction with the associated application. Moreover,each of the applications may be installed separately as desired. Ofcourse, per the desires of the user, the libraries 400 may be installedat any time, and the applications may be installed in any combination.

In any case, logic associated with the aforementioned interface mayutilize the foregoing libraries 400 to facilitate the appropriateinteraction of the applications. More information regarding exemplarydetails as to the manner in which this is accomplished will be set forthhereinafter in greater detail.

It should be noted that the various events of the libraries 400 may beassociated with applications from different companies, thus making thepresent technique vendor-independent. If an application developer feelsthat an action taken by their application may be interesting to otherapplications, the developer may register the action with the logicassociated with the interface using the libraries 400. As an option,restrictions may be put into place regarding events that are registered.See, for example, Table 1 which includes a plurality of exemplaryrestrictions or requirements as to including the production events 410in the appropriate libraries 400. Of course, such restrictions arestrictly optional.

TABLE 1 Application can perform an action The action is non-trivial andresults in a “significant change” to the state of the user computer Amessage is generated and transmitted to the interface when this actionis performed The feature is supported for the foreseeable future

As a further option, certain fields may be included in the libraries 400for each of the production events 410. See Table 2, for example.

TABLE 2 Product Source Event Name (i.e. plain English, concisedescription, etc.) Event Source (i.e. stateful response, user-actionresponse, etc.) Event Severity Event Description (i.e. plain Englishdescription which MAY be displayed to end-user, etc.) Event Parameters(i.e. XML based schema for describing additional information possiblycontained in event, etc.)

Table 2A illustrates an exemplary production event associated with ananti-virus application.

TABLE 2A Product Source: Anti-virus application Event Name: “InfectedFile Detected” Event Source: Stateful Response Event Severity: HighSeverity Event Description: “An anti-virus application has found aninfected file on your computer.” Event Parameters: N/A Filename: Path ofthe Infected File InfectionName: AVERT name of virus/Trojan foundInfectionType: Trojan, Virus, Script-Virus, etc.

Table 3 includes a plurality of exemplary restrictions or requirementsas to including consumption events 412 in the appropriate libraries 400.Again, such restrictions are strictly optional.

TABLE 3 The additional functionality augments a consumption event Thereis a desire to change internal product settings in response to aconsumption event

Similar to the production events 410, certain fields may be included inthe libraries 400 for each of the consumption events 410. See Table 4,for example.

TABLE 4 Consuming Product Response Name Response Description ResponseDefault Action Response Additional Actions

Table 4A illustrates an exemplary firewall application consumption eventassociated with the production event set forth in Table 2A.

TABLE 4A Consuming Product: Firewall application Response Name:“Infected Application Blocked” Response Description: “A firewallapplication will block the infected file from accessing the Internet andoptionally report the file to HackerWatch.org” Response Default Action:Block Response Additional Actions: Ignore, Report to HackerWatch.org

It should be noted that the libraries 400 may be updated as desired.This may be accomplished utilizing a server-client communication, etc.

FIG. 5 illustrates a method 500 for interfacing a plurality ofapplications, in accordance with one embodiment. As an option, themethod 500 may be implemented in the context of the system and librariesof FIGS. 3 and 4. Of course, the method 500 may be implemented in anydesired context.

Initially, an event is detected with a first application. See operation502. Such event may include any event on a computer or networkassociated with the application. Moreover, the first application mayinclude any desired application. See, for example, the applications ofFIG. 3. In the context of security applications, the event may include asecurity event. Such security event may include any event associatedwith the computer or network that may detrimentally affect the same inany manner.

Next, in operation 504, a first response to the event is processedutilizing the first application. Such processing may encompass anyobjective associated with the particular application. Next, the eventand the first response are identified to the interface utilizing thefirst application. It should be noted that this or any type of signalmay be sent to the interface for prompting a response by anotherapplication(s).

After such first response is identified in the first library, it isdetermined whether such production event correlates with a consumptionevent of another library associated with any other applications. Noteoperation 506.

If such a correlation is made, the appropriate consumption event orrelated signal is sent to the application(s). Note, for example,operations 508 and 510. Such actions, in turn, prompt further responsesfrom the other application(s). Of course, such responses may be reportedback to the interface for generating additional consumption events, andso on.

It should be noted that the interface may prompt responses from theother application(s) in any desired manner. Just by way of example, thelibraries may be used during a registration process to configure thelogic governing the interface. Moreover, the logic may be pre-configuredand installed with a suite of applications. Of course, any techniquecapable of prompting responses from the other application(s) may beused.

When all of the appropriate responses have occurred, an alert may begenerated in operation 512. Such alerting may be accomplished in anydesired manner. For example, the first information may be receivedrelating to the first response to the event associated with the firstapplication. Moreover, second information may be received relating to asecond response to the event associated with a second application, andso on. Of course, third and fourth information may be received toreflect the number of applications that have responded to a consumptionevent in the aforementioned manner.

With this information in hand, a single alert may be displayed includingthe first information and the second information. Such single alert mayfurther include a window automatically displayed on a front most windowof a user interface.

In various embodiments, the information relating to the responses to theevent may include any data relevant to such responses. Just by way ofexample, the information may include a description of the event, whichmay be included in the single alert. Moreover, the first information mayidentify a proposed user action relating to the first application basedon the event. Similarly, the second information may identify a proposeduser action relating to the second application based on the event. Ofcourse, the information may simply describe the automatic responses tothe event by the applications. It should be noted that any combinationof the foregoing information or any other information may be includedper the desires of the user.

Since the amount of information reflected in the single alert may becomecumbersome, a ranking may be associated with the first information andthe second information. In such embodiment, the single alert mayconditionally include the first information and the second informationbased on the ranking or any other threshold. To this end, only apredetermined amount of information is included in the single alert.Moreover, any type of medium may be employed for transmitting the alert(i.e. Windows® Pop-Up, .NET alert, e-mail, pager, cell phone, etc.

FIG. 6 illustrates an exemplary manner 600 in which production andconsumption events are correlated according to the method 500 of FIG. 5and in the context of the libraries 400 of FIG. 4. It should be notedthat such correlation logic is set forth for illustrative purposes only,and should not be construed as limiting in any manner.

As shown, a plurality of production events 602 is shown to be associatedwith various applications 604. Such production events 602 are, in turn,correlated with various consumption events 606.

As shown, a firewall application may consume a “New Infected FileDetected” production event from the anti-virus application, and, asconsumption events, automatically add the infected file to a blockedInternet application list and send a hash of the application to a hackertracking website (i.e. HackerWatch.org). Still yet, the anti-virusapplication may consume a “Trojan application blocked” production eventfrom the firewall application, and automatically perform a scan of theuser's hard drive. Moreover, a content filtering application may consumea “New Internet Protocol Address (IP) Trusted” production event from thefirewall application, and automatically add the trusted IP to itstrusted site list. Still other examples are set forth in FIG. 6 forillustrative purposes.

FIG. 7 illustrates an exemplary alert 700 that may be generatedaccording to the method 500 of FIG. 5 and in the context of thelibraries 400 and correlation 600 of FIGS. 4 and 6, respectively. Itshould be noted, of course, that such alert 700 is set forth forillustrative purposes only, and should not be construed as limiting inany manner.

As shown, the alert 700 may include the various information related tothe event and the responses to the event by various applications. Forexample, a first portion 702 of the alert 700 may relate to the firstapplication (i.e. a firewall application). Similarly, a second portion704 of the alert 700 may relate to the second application (i.e. ananti-virus application). Specifically, the first portion 702 of thealert 700 may relate to the response of the first application and thesecond portion 704 of the alert 700 may relate to the response of thesecond application. Optionally, the first portion 702 and the secondportion 704 of the alert 700 may be displayed to the user simultaneouslyvia a single alert.

Again, the information included with the alert 700 may include adescription of the event, a proposed user action relating to anapplication based on the event, and/or a description of the response tothe event by an application. It should be noted that any combination ofthe foregoing information or any other information may be included perthe desires of the user.

As an option, the single alert 700 may include a plurality of selectionicons 706 capable of being selected by a user for executing at least oneof the proposed user actions, if any. Such selection icons may includelinks (i.e. hyperlinks, etc.) for connecting to a server or the like forcarrying out the proposed user actions. As shown in FIG. 7, such actionsmay include an option to find out more information about the event,launch an application, continuing by doing nothing, etc.

Such response options may be carried out by the selection thereof by auser utilizing a mouse-click or the like. While this may be accomplishedin any desired manner, one exemplary method may include the techniqueset forth in U.S. Pat. No. 6,266,774 entitled “Method and system forsecuring, managing or optimizing a personal computer,” which isincorporated herein by reference in its entirety.

In one embodiment, the single alert 700 may be pushed to a plurality ofcomputers from a server, as opposed to a reaction to an applicationresponse on a computer. In the context of the present description, suchpushing may include any technique where the server initiates thedelivery of the alert 700 to the user computers. It should be noted thatthe foregoing pushing may be accomplished in a variety of foreseeableways. Just by way of example, the alert 700 pushed from the server tothe user computers may actually come as the result of a programmedrequest from the user computers. That is, a client program may be usedto initiate such pushed alerts 700. Still yet, the pushing may include asimple broadcasting of the alert 700. In this case, the alert 700 may bepushed to the user computers that have access to a particular channel orfrequency. Broadcast may (but not always) involve a continuous flow ofinformation.

The foregoing embodiments may thus be useful in a variety of contexts.Just by way of example, if a content filtering application detectedsomeone talking inappropriately to a child, the chat may be blocked andlogged. This, in turn, may be reported to the interface which wouldbroadcast this information to the other applications present on theuser's computer. An anti-spam application, for example, may obtain theinformation on the person propositioning the child over instantmessenger and ensure that all e-mails from that person are blocked andlogged. Personal firewall may, in turn, add the associated IP address toa banned list. Still yet, a visual trace may then trace the IP to thelocation of the service provider. As such, the embodiment of the presentexample may enable the parent to know who, what, when and howinformation, and would also have all the information available for areport for the authorities.

While various embodiments have been described above, it should beunderstood that they have been presented by way of example only, and notlimitation. For example, any of the network elements may employ any ofthe desired functionality set forth hereinabove. Thus, the breadth andscope of a preferred embodiment should not be limited by any of theabove-described exemplary embodiments, but should be defined only inaccordance with the following claims and their equivalents.

What is claimed is:
 1. A method for combined alerting, comprising:receiving first information relating to a first response to an eventassociated with a first application; receiving second informationrelating to a second response to the event associated with a secondapplication; and displaying a single alert including the firstinformation and the second information; wherein the single alertincludes a window automatically displayed on a front most window of agraphical user interface, in response to the receipt of the firstinformation and the second information; wherein the receiving anddisplaying is carried out utilizing an interface that includes thegraphical user interface, the graphical user interface includingincludes a first color coded status indicator for the first application,a second color coded status indicator for the second application, and asecurity index display that displays a plurality of security indices,where each of the plurality of security indices includes a numericalsecurity score and a graphical representation that corresponds to thenumerical security score, where the plurality of security indicesinclude at least a security index, an anti-virus index, an anti-hackerindex, an anti-abuse index, and an anti-spam index.
 2. The method asrecited in claim 1, wherein the single alert includes a description ofthe event.
 3. The method as recited in claim 1, wherein the firstinformation identifies a first proposed user action relating to thefirst application based on the event.
 4. The method as recited in claim3, wherein the second information identifies a second proposed useraction relating to the second application based on the event.
 5. Themethod as recited in claim 1, wherein the first information and thesecond information includes a description of the event, the firstinformation identifies a first proposed user action relating to thefirst application based on the event, and the second informationidentifies a second proposed user action relating to the secondapplication based on the event.
 6. The method as recited in claim 1,wherein components of the first information and the second informationare ranked.
 7. The method as recited in claim 6, wherein the componentsof the first information and the second information are conditionallyincluded in the single alert based on the ranking.
 8. The method asrecited in claim 1, wherein the single alert includes a textualdescription of the first information and the second information.
 9. Themethod as recited in claim 1, wherein the event includes a securityevent.
 10. The method as recited in claim 9, wherein the firstapplication and the second application include applications that includeat least one of an anti-virus application, a firewall application, acontent filtering application, an anti-spam application, and a utilitiesapplication.
 11. The method as recited in claim 1, wherein the interfaceincludes an application program interface.
 12. The method as recited inclaim 1, wherein the interface further includes the graphical userinterface for allowing access to the first application and the secondapplication.
 13. The method as recited in claim 1, wherein the firstresponse or the second response includes an operation to quarantinedata.
 14. The method as recited in claim 1, wherein the first responseor the second response includes an operation to delete data.
 15. Themethod as recited in claim 1, wherein the first response or the secondresponse includes an operation to clean data.
 16. The method as recitedin claim 1, wherein the first response or the second response includesan operation to alert a user.
 17. The method as recited in claim 1,wherein the first color coded status indicator and the second colorcoded status indicator each include a color coded icon, where the colorcoded icon exhibits a green color to indicate that the correspondingapplication is installed, enabled and running, and the color coded iconexhibits a red color to indicate that the corresponding application isat least one of not installed, disabled and expired, and to furtherindicate if a subscription associated with the corresponding applicationis expired.
 18. The method as recited in claim 1, wherein the thenumerical security score is in a range of 1.0 to 10.0 and the graphicalrepresentation comprises a bar graph.
 19. The method as recited in claim1, wherein the graphical user interface that includes the first colorcoded status indicator for the first application and the second colorcoded status indicator for the second application further includes anupdate icon, an additional information icon, a support icon, and a helpicon.
 20. The method as recited in claim 1, wherein the graphical userinterface that includes the first color coded status indicator for thefirst application and the second color coded status indicator for thesecond application is displayed separately from the displayed window ofthe single alert.
 21. A computer program product embodied on anon-transitory computer readable medium for combined alerting,comprising: computer code for receiving first information relating to afirst response to an event associated with a first application; computercode for receiving second information relating to a second response tothe event associated with a second application; and computer code fordisplaying a single alert including the first information and the secondinformation; wherein the single alert includes a window automaticallydisplayed on a front most window of a graphical user interface, inresponse to the receipt of the first information and the secondinformation; wherein the receiving and displaying is carried oututilizing an interface that includes the graphical user interface, thegraphical user interface including a first color coded status indicatorfor the first application, a second color coded status indicator for thesecond application, and a security index display that displays aplurality of security indices, where each of the plurality of securityindices includes a numerical security score and a graphicalrepresentation that corresponds to the numerical security score, wherethe plurality of security indices include at least a security index, ananti-virus index, an anti-hacker index, an anti-abuse index, and ananti-spam index.
 22. A system for combined alerting, comprising: meansfor receiving first information relating to a first response to an eventassociated with a first application; means for receiving secondinformation relating to a second response to the event associated with asecond application; and means for displaying a single alert includingthe first information and the second information; wherein the singlealert includes a window automatically displayed on a front most windowof a graphical user interface, in response to the receipt of the firstinformation and the second information; wherein the receiving anddisplaying is carried out utilizing an interface that includes thegraphical user interface, the graphical user interface includingincludes a first color coded status indicator for the first application,a second color coded status indicator for the second application, and asecurity index display that displays a plurality of security indices,where each of the plurality of security indices includes a numericalsecurity score and a graphical representation that corresponds to thenumerical security score, where the plurality of security indicesinclude at least a security index, an anti-virus index, an anti-hackerindex, an anti-abuse index, and an anti-spam index.
 23. A method forcombined alerting, comprising: receiving first information correspondingto a first proposed user action in response to an event associated witha first application; receiving second information corresponding to asecond proposed user action in response to the event associated with asecond application; and displaying a single alert including the firstinformation and the second information; wherein the single alertincludes a window automatically displayed on a front most window of agraphical user interface, in response to the receipt of the firstinformation and the second information; wherein the receiving anddisplaying is carried out utilizing an interface that includes thegraphical user interface, the graphical user interface includingincludes a first color coded status indicator for the first application,a second color coded status indicator for the second application, and asecurity index display that displays a plurality of security indices,where each of the plurality of security indices includes a numericalsecurity score and a graphical representation that corresponds to thenumerical security score, where the plurality of security indicesinclude at least a security index, an anti-virus index, an anti-hackerindex, an anti-abuse index, and an anti-spam index.
 24. The method asrecited in claim 23, wherein the single alert includes a plurality ofselection icons capable of being selected by a user for executing atleast one of the first proposed user action and the second proposed useraction.
 25. The method as recited in claim 24, wherein the selectionicons include links.
 26. The method as recited in claim 25, wherein theselection icons include hyperlinks.
 27. A single alert object embodiedon a non-transitory computer readable medium, comprising: a firstportion reflecting a first response to an event associated with a firstapplication; and a second portion displayed simultaneously with thefirst portion for reflecting a second response to the event associatedwith a second application; wherein the single alert object includes awindow automatically displayed on a front most window of a graphicaluser interface, in response to the receipt of the first information andthe second information; wherein the receiving and displaying is carriedout utilizing an interface that includes the graphical user interface,the graphical user interface including a first color coded statusindicator for the first application, a second color coded statusindicator for the second application, and a security index display thatdisplays a plurality of security indices, where each of the plurality ofsecurity indices includes a numerical security score and a graphicalrepresentation that corresponds to the numerical security score, wherethe plurality of security indices include at least a security index, ananti-virus index, an anti-hacker index, an anti-abuse index, and ananti-spam index.
 28. A method for combined alerting, comprising:identifying an event; receiving first information relating to a firstresponse to the event associated with a first application, the firstinformation further relating to a first proposed user action in responseto the event associated with the first application; receiving secondinformation relating to a second response to the event associated with asecond application, the second information further relating to a secondproposed user action in response to the event associated with the secondapplication; determining a ranking associated with the first informationand the second information; and displaying a single alert conditionallyincluding the first information and the second information based on theranking, the single alert including a window automatically displayed ona front most window of a graphical user interface; wherein the firstapplication and the second application include applications that includeat least one of an anti-virus application, a firewall application, acontent filtering application, an anti-spam application, and a utilitiesapplication; wherein the receiving and displaying is carried oututilizing an interface that includes the graphical user interface, thegraphical user interface including includes a first color coded statusindicator for the first application, a second color coded statusindicator for the second application, and a security index display thatdisplays a plurality of security indices, where each of the plurality ofsecurity indices includes a numerical security score and a graphicalrepresentation that corresponds to the numerical security score, wherethe plurality of security indices include at least a security index, ananti-virus index, an anti-hacker index, an anti-abuse index, and ananti-spam index.